Random ramblings about PSI, the jabber client
/This is Blog-Repost: I did this earlier than the above Date suggests :)/
[PSI]:http://psi.affinix.com/ is a nice [jabber]:http://www.jabber.org/ client which I use mostly for work and also for some private contacts.
I had forgotten my jabber password, which was saved in PSI. I needed it to test another jabber client, so I wanted it back. But no, they had to make it unnecessarily hard. There is a commercial program to recover it, it is called AIMPR (Advanced IM Password Recovery) - But I dislike paying money for this.
So had to spend quite some time until i found the solution. I present it here, so others don't have to spend their time.
!4 How to recover your jabber password from PSI.
# Search for your "config.xml"
# Extract the and part from within your group
# Decrypt by interpreting the password as hex 16bit-unicode, and XORing it to the jid.
If you have only Ascii characters in your password, you can try this line of perl:
% perl -le '($jid,$pw)=@ARGV;$pw=~s/..(..)/chr hex$1/ge; \
% print substr($pw^$jid,0,length$pw)' \
% email@example.com 000100020003007e
This information is relevant for PSI 0.92 - The author seemed displeased with me disclosing this information, so expect the algorithm to change.
P.S.: (added 2005-08-02)
*WARNING*: As it stands, PSI 0.10 and newer versions will remove saving of PGP passphrases completely. This means they will delete your PGP passphrase from the config file without notice!
The jabber password is still obfuscated the same way last time I checked.
P.P.S.: (added 2007-03-20)
There are of course [other ways]:http://www.hackerboard.de/thread.php?threadid=30746 to recover the password. But I have to say, my method is much simpler and quicker :-)
P.P.P.S.: (added 2010-09-01)
This still works with PSI 0.13, although the config file name has changed to %accounts.xml%
posted at: 18:28
| Category: /rev-eng
| permanent link to this entry
| 31 comments